Privacy preference based device controls

ABSTRACT

A method for controlling application enabling includes receiving from a particular user an indication of data for sharing and an indication of one or more recipients with which to share the data. A multidimensional zone is determined based on the indication of the data and the indication of the one or more recipients. A request from the particular user to enable a particular application via a computing device is detected. Data permission requirements of the particular application are accessed, and a multidimensional coordinate is determined based on the data permission requirements of the particular application. The multidimensional zone is compared to the multidimensional coordinate, and the particular user is notified via the computing device of the comparing of the multidimensional zone to the multidimensional coordinate. An affirmation of the request is received from the particular user via the computing device, and the particular application is enabled responsive to the affirmation of the request.

CROSS REFERENCE TO RELATED APPLICATION(S)

This application is a division of U.S. patent application Ser. No.16/714,318, filed Dec. 13, 2019, which is incorporated by reference asif fully set forth.

FIELD OF INVENTION

The invention relates generally to data privacy, and more particularlyto data sharing permissions.

BACKGROUND

Privacy settings of different popular computer applications are complexand ever changing. Users often have a difficult time understanding whatthe privacy settings mean. There is often no common language in use todescribe the privacy settings offered by various applications. Users maynot know what type of privacy they desire for a particular applicationor what actions a particular application will take with the users'personal data.

SUMMARY

This Summary introduces simplified concepts that are further describedbelow in the Detailed Description of Illustrative Embodiments. ThisSummary is not intended to identify key features or essential featuresof the claimed subject matter and is not intended to be used to limitthe scope of the claimed subject matter.

A method for controlling the enabling of an application is provided. Themethod includes receiving from a particular user an indication of datafor sharing and an indication of one or more recipients with which toshare the data. A multidimensional zone is determined based on theindication of the data for sharing and the indication of the one or morerecipients. A request from the particular user to enable a particularapplication via a computing device is detected. Data permissionrequirements of the particular application are accessed, and amultidimensional coordinate is determined based on the data permissionrequirements of the particular application. The multidimensional zone iscompared to the multidimensional coordinate, and the particular user isnotified via the computing device of the comparing of themultidimensional zone to the multidimensional coordinate. An affirmationof the request is received from the particular user via the computingdevice, and the particular application is enabled responsive to theaffirmation of the request.

Further provided is a data control method. The method includes receivingfrom a particular user an indication of data for sharing and anindication of one or more recipients with which to share the data. Amultidimensional zone is determined based on the indication of the datafor sharing and the indication of the one or more recipients. Aplurality of application program interfaces (APIs) for a plurality ofapplications are accessed via a network, and data sharing permissionsare set for the particular user for each of the plurality ofapplications based on the multidimensional zone via the plurality ofAPIs.

Further provided is an application execution control method. The methodincludes receiving from a user an indication of data for sharing and anindication of one or more recipients with which to share the data. Amultidimensional zone is determined based on the indication of the datafor sharing and the indication of the one or more recipients. Anaccessing of a particular application by the user via a computing deviceis detected. Rules for the particular application indicating informationto be shared are accessed. Rules for the particular applicationindicating targets of the information to be shared are accessed. Amultidimensional coordinate is determined based on the information to beshared and the targets of the information to be shared. Themultidimensional zone is compared to the multidimensional coordinate.The user is notified based on a position of the multidimensionalcoordinate relative to the multidimensional zone. A request is receivedfrom the user to disable the particular application, and the particularapplication is disabled.

In another provided method for controlling application enabling, anindication of data for sharing and one or more allowed actions for thedata are received. A multidimensional zone is determined based on theindication of the data for sharing and the one or more allowed actionsfor the data. A request is detected from the user to enable a particularapplication via a computing device. Data permission requirements of theparticular application are accessed, and a multidimensional coordinateis determined based on the data permission requirements of theparticular application. The multidimensional zone is compared to themultidimensional coordinate based on the data permission requirements togenerate comparison results. The user is notified via the computingdevice of the comparison results. An affirmation of the request isreceived from the user via the computing device, and the particularapplication is enabled responsive to the affirmation of the request fromthe user.

In another provided data control method, an indication of data forsharing and one or more allowed actions are received from a user. Amultidimensional zone is determined based on the indication of the datafor sharing and the one or more allowed actions for the data. Aplurality of application program interfaces (APIs) for a plurality ofapplications are accessed via a network, and data sharing permissionsfor the user for each of the plurality of applications are set based onthe multidimensional zone via the plurality of APIs.

In another provided method for controlling access to a networkdestination, an indication of data for sharing and an indication of oneor more recipients with which to share the data are received from aparticular user. A multidimensional zone is determined based on theindication of the data for sharing and the indication of the one or morerecipients. A request from the particular user to access a particularwebpage via a computing device is detected, and data permissionrequirements of the particular webpage are accessed. A multidimensionalcoordinate is determined based on the data permission requirements ofthe particular webpage. The multidimensional zone is compared to themultidimensional coordinate, and the particular user is notified via thecomputing device of the comparing of the multidimensional zone to themultidimensional coordinate. An affirmation of the request is receivedfrom the particular user via the computing device, and access to theparticular webpage is enabled responsive to the affirmation of therequest.

In another provided data control method, an indication of data forsharing and an indication of one or more recipients with which to sharethe data are received from a particular user. A multidimensional zone isdetermined based on the indication of the data for sharing and theindication of the one or more recipients. A plurality of applicationprogram interfaces (APIs) for a plurality of websites comprising aplurality of webpages are accessed via a network, and data sharingpermissions are set for the particular user for each of the plurality ofwebsites based on the multidimensional zone via the plurality of APIs.

BRIEF DESCRIPTION OF THE DRAWING(S)

A more detailed understanding may be had from the following description,given by way of example with the accompanying drawings. The Figures inthe drawings and the detailed description are examples. The Figures andthe detailed description are not to be considered limiting and otherexamples are possible. Like reference numerals in the Figures indicatelike elements wherein:

FIG. 1 shows a system enabling control of data privacy settingsaccording to the illustrative embodiments.

FIGS. 2A-2F show exemplary models defining multidimensional privacycomfort zones based on user privacy preferences.

FIGS. 3A-3B show example interactive displays on a computing device forentering and editing privacy preferences.

FIGS. 3C-3H show example interactive displays for providing alertsregarding application data sharing permissions.

FIG. 4 is a flow chart showing a method for determining amultidimensional zone based on user privacy preferences and for enablingan application.

FIG. 5 is a flow chart showing a method for setting data sharingpermissions for a plurality of applications.

FIG. 6 is a flow chart showing a method for determining amultidimensional zone based on user privacy preferences and fordisabling an application.

FIG. 7 is an illustrative computer system for performing describedmethods according to the illustrative embodiments.

DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENT(S)

Referring to FIG. 1, a system 10 for enabling control of data privacysettings of computing devices 12 is provided in a communications network8 including one or more wired or wireless networks or a combinationthereof, for example including a local area network (LAN), a wide areanetwork (WAN), the Internet, mobile telephone networks, and wirelessdata networks such as WiFi™ and 3G/4G/5G cellular networks. Operatingsystems 60 (hereinafter “OS 60”) are executed on the computing devices12. The system 10 enables notifying users of permission requirements ofapplications, receiving requests to enable applications, andautomatically setting data sharing permissions for applications.Further, the system 10 enables the providing of a common interface andcomputing environment for a user to manage the user's electronicprivacy.

A network-connectable processor-enabled privacy manager 20 enables aplurality of survey queries to be provided to a user of a computingdevice 12. The queries can be provided in a user interface 56 viainstructions from a settings agent 14 based on data transmitted from asettings application program interface (API) 30 of the privacy manager20. Alternatively, queries can be provided in the user interface 56based on data transmitted from a web application 28 enabled by theprivacy manager 20 and accessible via a web browser 50. A user'sresponses to the survey queries are stored in a user datastore 26 orlocal datastore 54 and used by the privacy manager 20 or the settingsagent 14 to generate a privacy comfort zone modeled as amultidimensional zone.

Based on the privacy comfort zone, the privacy manager 20 canautomatically generate data sharing permissions via a modeling engine 22for the user for one or more applications that a user choses to execute.The privacy manager 20 can alternatively generate data sharingpermissions for websites including webpages, webpages within websites,or other network-accessible resources. Applications can include forexample social media or messaging applications or platforms for exampleFacebook™, LinkedIn™, and Google™. Applications can further includeplugins, add-ons, or extensions to existing applications, for examplebrowser plugins. Applications or components thereof can be installedlocally on a computing device 12 or on computing systems accessible tothe computing device 12 via a communications network 8, for example theInternet. The data sharing permissions can be set for a particularapplication, website, or webpage by the privacy manager 20 via anapplication settings API 44 which communicates permissions to anapplication server 40 enabling local applications 52 or network-basedapplications, webpages, or services accessible via a web browser 50 or acomponent of a local application 52. Subsequent changes by the user todata sharing permissions for particular applications, websites, orwebpages are logged by the settings agent 14 and communicated to theprivacy manager 20 via the settings API 30. Statistics of the userchanges are used by the modeling engine 22 to build data-drivenstatistical models of privacy preference stored in the model datastore24 of the privacy manager or the local datastore 54 of the computingdevice 12.

The modeling engine 22 enables modeling users' privacy preferences intoa common scale. From the common scale, user privacy preferences aremapped into different privacy settings for a plurality of differentapplications, websites, and webpages. The privacy manager 20 monitorsprivacy settings of a plurality of applications, websites, and webpagesfor example via an application interface 34 in communication withapplication settings APIs 44. The privacy manager 20 is configured todefine, model, and manage user's privacy preferences in at least threedimensions, for example corresponding to three axes. Referring to FIG.2A, an exemplary model 100A generated by the modeling engine 22 showsexemplary first and second multidimensional zones 110, 112 (first andsecond “privacy comfort zones”) in a multidimensional space reflectingrespective exemplary privacy preferences of a particular first user anda particular second user. A first axis (“data content axis”) 102 in themultidimensional space is indicative of which data a user is willing toshare, for example contact data, photos, device location, and passwords.A second axis (“access list axis”) 104 is indicative of with whichrecipients the user is willing to share the data that the user iswilling to share, for example which network destinations, websites,applications, or companies. A third axis (“allowed actions axis”) 106 isindicative of what actions are allowed with the data by the recipientsof the data, for example share the data with others, build a productusing the data, or monetize the data in some manner. The first privacycomfort zone 110 for the first user is based on preference data acquiredfrom the first user, and the second privacy comfort zone 112 for thesecond user is based on preference data acquired from the second user.

A set of queries are provided to a user to gather data required to modelthe user's privacy comfort zones. The queries are generated by thesettings agent 14 or the web application 28 via the user interface 56 ofthe computing device 12. Referring to FIGS. 3A and 3B, exemplaryinteractive displays 200 and 202 provide queries and enable a user toinput query responses which are then used by the modeling engine 22 todetermine a privacy comfort zone for the user. In a first exemplaryinteractive display 200 a generated first query reads: “Which of thefollowing items do you consider as private info not to be shared?” Thefirst exemplary interactive display 200 enables actuatable boxes forselecting information not to be shared including user name, address,phone number, email address, photos, social security number, and bankaccount number. A response to the first query provides indications ofdata a user is willing to share, and can for example be used to definevalues in a dimension defined by the first axis 102 of themultidimensional spaces referred to in FIGS. 2A through 2F.

In a second exemplary interactive display 202, a generated second queryreads: “Do you share photos online?” The user is enabled to input aresponse of “Yes” or “No” via actuatable boxes. A response to the secondquery provides an indication of recipients the user is willing to sharethe data with, and can for example be used to define values in adimension defined by the second axis 104 of the multidimensional spacereferred to in FIGS. 2A through 2F. More specific queries can follow,for example asking if a user is willing to share photos with anyone,with friends only, or with friends and friends of friends only, whichresponses can also be used to define values in a dimension defined bythe second axis 104. A generated third query reads: “What do you wantdone with your photos?” The second exemplary interactive display 202enables actuatable boxes for inputting responses to the third queryincluding shared with friends, shared with friends, shared withfriends-of-friends, shared with everyone, used for providing ads, usedfor providing deals, used for providing coupons, or sold to thirdparties for profit. Inputs in response to the third query provideindications of recipients the user is willing to share the data with andactions allowed with the data by the recipients of the data, whichinputs can for example be used to define values respectively in thedimension defined by the second axis 104 and the dimension defined bythe third axis 106 of the multidimensional spaces referred to in FIGS.2A-2F.

As described herein, user query responses are used to determine a user'sprivacy comfort zone along each of a plurality of axes. While the firstand second privacy comfort zones 110, 112 of FIG. 2A-2C are shown alongthree perpendicular axes 102, 104, 106 for visualization, each of theaxes can include a multidimensional vector not restricted to thegeometry of FIGS. 2A-2F. As such, the privacy comfort zone can beexpressed as a combined multidimensional vector. The three perpendicularaxes 102, 104, 106 can be representative of a data content vector (thedata content axis 102), an access list vector (the access list axis104), and an allowed actions vector (the allowed actions axis 106) whichwhen combined yield the first privacy comfort zone 110 or the secondprivacy comfort zone 112.

A user's responses to queries generated by the settings agent 14 or theweb application 28 can correspond to point values for computing vectorsfor defining a multidimensional zone (“privacy comfort zone”)corresponding to the user. Referring to Table 1, for each of the listeddata types a user is willing to share, a point value is allocated to adata content vector for the user. For example, if a user is willing toshare the user's name (1 point), address (2 points), email address (2points) and bank account number (4 points), the user's data contentvector can be calculated as <(1+2+2+4),0,0> or <9,0,0>. Referring toTable 2, for each of the listed recipients with which the user iswilling to share data, a point value is allocated to an access listvector for the user. For example, if the user is willing to share dataonline (1 point), with friends (1 point) and with friends of friends (2points) and with everyone (3 points), the user's access list vector canbe calculated as <0,(1+1+2+3),0> or <0,7,0>. Referring to Table 3, foreach of the listed allowed actions for the data, a point value isallocated to an allowed actions vector for the user. For example, if auser is willing to allow data to be used for providing ads to user (1point), for providing deals to user (2 points), and for providingcoupons to user (2 points), the user's allowed actions vector can becalculated as <0,0,(1+2+2)> or <0,0,5>.

TABLE 1 Data willing to share Pts. Name of user 1 Address of user 2Phone # of user 2 Email address of user 2 User's photos 3 Social Sec. #of user 4 Bank Acct. # of user 4 Location of user (e.g., via device GPS)4 Health information of user 4

TABLE 2 Willing to share with who/what/where Pts. Online 1 With friendsof user 1 With friends of friends of user 2 With everyone 3

TABLE 3 Allowed actions with data Pts. Used for providing ads to user 1Used for providing deals to user 2 Used for providing coupons to user 2Sold to 3^(rd) parties for profit 4

The multidimensional zone defining a particular user's privacy comfortlevel (“privacy comfort zone”) can be defined for example by themagnitude of a resultant vector of a combination of the user's datacontent vector, access list vector, and allowed actions vector.Referring to FIG. 2D, in an exemplary model 100D a multidimensional zone150 is modeled as a half of a spherical wedge of π/2 radians bound bythe planes defined by the three axes 102, 104, 106, having a center atthe origin 152 of the axes 102, 104, 106, and having a radius 154, whichis the magnitude of the combination of the user's data content vector,access list vector, and allowed actions vector. The multidimensionalzone 150 is accordingly radially symmetric within the area bound by theplanes defined by the three axes 102, 104, 106. Referring to the exampleuser data described above, the resultant vector of the combination ofthe exemplary data content vector of <9,0,0>, access list vector of<0,7,0>, and allowed actions vector of <0,0,5> is <9,7,5> whichcorresponds to a magnitude of (9²+7²+5²)^(1/2), about twelve point fourfive (12.45), which value can be used to define the radius 154 of themultidimensional zone 150.

The privacy comfort zone need not be radially symmetrical or regularlyshaped as shown and described with reference to FIG. 2D. A radiallyasymmetric or irregular privacy comfort zone can be modeled based onwhich data a user is willing to share, with which recipients the user iswilling to share the data that the user is willing to share, and whatactions are allowed with the data by the recipients of the data. Forexample, referring to FIG. 2A, the first privacy comfort zone 110 allowsfor a relatively greater radial distance from the origin 152 along theaccess list axis 104 as compared with the radial distance from theorigin 152 along the data content axis 102 or the allowed actions axis106. This suggests that the first user is relatively liberal regardingallowing specified data to be shared with many recipients, but the firstuser is more conservative regarding which data the first user is willingto share and what actions are allowed with the data by the recipient.The second privacy comfort zone 112 allows for a relatively greaterradial distance from the origin 152 along the data content axis 102 andthe allowed actions axis 106 as compared with the radial distance fromthe origin 152 along the access list axis 104. This suggests that thesecond user is relatively liberal regarding which data the second useris willing to share and what actions are allowed with the data by therecipient as compared with the second user's conservative preferencesregarding with which recipients the data may be shared.

The privacy comfort zone need not be defined as continuous or extendingfrom an origin of a system of coordinate axes. Referring to FIGS. 2E and2F, in an exemplary model 100E, a discontinuous three-dimensional zone(“discontinuous privacy comfort zone”) 170 is modeled based on vectorsor line segments plotted along each of the axes 102, 104, 106. Selectdata types, for example those listed in Tables 1, 2, and 3, arerespectively assigned locations on the data content axis 102, the accesslist axis 104, and the allowed actions axis 106. A check mark representsdata a user is willing to share, an allowed recipient, or an allowedaction. An “X” mark represents data a user is not willing to share, anon-allowed recipient, or a non-allowed action. For each of the listeddata types a user is willing to share, a vector or line segment 160 isassigned to a position on the data content axis 102. For each of thelisted recipients with which the user is willing to share data, a vectoror line segment 162 is assigned to a position on the access list axis104. For each of the listed allowed actions by the user for the data, avector or line segment 164 is assigned to a position on the allowedactions axis 106. The discontinuous privacy comfort zone 170 is bound bythe planes defined by the three axes 102, 104, 106 and is defined by theline segments 160, 162, 164. The discontinuous privacy comfort zone 170is defined along a first plane defined by the data content axis 102 andthe access list axis 104 by first planar surfaces 180, and defined alonga second plane defined by the access list axis 104 and the allowedactions axis 106 by second planar surfaces 182, and defined along athird plane defined by the allowed actions axis 106 and the data contentaxis 102 by third planar surfaces 184. A first convex surface 172 alignswith the outermost edges of the first, second and third planar surfaces180, 182, 184. A concave surface 174 aligns with internal edges of thefirst, second and third planar surfaces 180, 182, 184. A second convexsurface 176 aligns with other internal edges of the first, second andthird planar surfaces 180, 182, 184. A void 178 in the discontinuousprivacy comfort zone 170 is created between the concave surface 174 andthe second convex surface 176.

Initially, a user's privacy comfort zone is determined by the modelingengine 22 or the settings agent 14 based on the user's responses toqueries related to the user via the user interface 56. After collectingquery responses from multiple users via multiple computing devices 12and then logging manual changes by the multiple users to data sharingpermissions for particular applications, websites, and webpages themodeling engine 22 is enabled to build data-driven statistical models ofprivacy preference, which models can be stored in the model datastore 24or the local datastore 54. The modeling engine 22 or the settings agent14 can then provide a limited set of queries to a particular user andgenerate the privacy comfort zone for the particular user based on thelimited set of queries and the privacy comfort zones of other usershaving similar identifying information (e.g., age, income, profession,residence location, work location, family status).

After a privacy comfort zone is determined for a particular user, themodeling engine 22 or the settings agent 14 determines whether theexpected use by one or more applications or one or more websites orwebpages of the particular user's data is compliant with the particularuser's privacy comfort zone. Applications can include for example localapplications 52 or network-based or web-based applications or serviceshosted by application servers 40 and accessible via browsers 50 or localapplications 52. To make compliance determinations the privacy manager20 can access one or more of manifests, end user license agreements(“EULAs”), terms of use, or privacy settings of applications andwebsites or webpages, for example rendered available to the privacymanager 20 via application settings APIs 44 of the applications.Applications installed on mobile devices (“mobile applications”) oftenset forth available privacy settings in manifests or EULAs accompanyingthe applications. Applications embodied as web services often set forthavailable privacy settings in EULAs and render privacy settingsavailable through application settings APIs 44. Since privacy settingsof an application or website are often selectable by a user, whether ornot an application or website is compliant with a privacy comfort zonecan be dependent on the data sharing permissions set by the user via theapplication's privacy settings. Data sharing permissions for anapplication or website can be set automatically by the privacy manager20 to comply with a user's privacy comfort zone by communication withthe application's or website's application settings API 44 via theapplication interface 34. Further, a user can typically manually adjustthe data sharing permissions for an application or website via a localapplication 52 or by a browser 50 via an application server 40.

A multidimensional coordinate is determined for an application, website,or webpage by the modeling engine 22 based on default, available, orfixed privacy settings of the application, website, or webpage, forexample privacy settings accessed in a manifest, terms of service, orEULA accessible via an application settings API 44 for the application,website, or webpage. Beneficially, a multidimensional coordinate, whichcan be expressed as a vector, is defined by a first position vectorindicative of which data an application, website, or webpage will share,for example contact data, photos, device location, or passwords, asecond position vector indicative of with which recipients theapplication, website, or webpage will share the data, for example whichnetwork destinations, websites, applications, user contacts, orcompanies, and a third position vector indicative of what actions withthe data are allowed by the application, website, or webpage, forexample sharing the data with others, building a product using the data,or monetizing the data in some manner. The modeling engine 22 orsettings agent 14 compares the multidimensional coordinate with aprivacy comfort zone of a user to determine if the multidimensionalcoordinate is within the privacy comfort zone of the user.

Referring again to Tables 1, 2, and 3 a multidimensional coordinatecorresponding to a particular exemplary application is determined by themodeling engine 22 based on default, available, or fixed privacysettings of the application. Referring to Table 1, for each of thelisted data types an application, website, or webpage is configured toshare (based on default, available, or fixed privacy settings) a pointvalue is allocated to a data content vector for the application,website, or webpage. For example, if an application is configured toshare the user's name (1 point), address (2 points), phone number (2points), and photos (3 points), the exemplary application's data contentvector can be calculated as <(1+2+2+3),0,0> or <8,0,0>. Referring toTable 2, for each of the listed recipients with which an application,website, or webpage is configured to share data, a point value isallocated to an access list vector for the application, website, orwebpage. For example, if an application is configured to share dataonline (1 point), with a user's friends (1 point), and with a user'sfriends of friends (2 points), the exemplary application's access listvector can be calculated as <0,(1+1+2),0> or <0,4,0>. Referring to Table3, for each of the listed allowed actions by an application, website, orwebpage for the data, a point value is allocated to an allowed actionvector for the application, website, or webpage. For example, if anapplication is configured to allow data to be used for providing ads toa user (1 point), for providing deals to a user (2 points), forproviding coupons to a user (2 points), and for selling a user's data to3^(rd) parties for profit (4 points), the application's allowed actionsvector can be calculated as <0,0,(1+2+2+4)> or <0,0,9>. The resultantposition vector, or stated alternatively the multidimensionalcoordinate, of the combination of the application data content positionvector of <8,0,0>, access list position vector of <0,4,0>, and allowedactions vector of <0,0,9> is <8,4,9> for the exemplary application. Thiscorresponds to a vector magnitude of (8²+4²+9²)^(1/2), which equalsabout 12.69. The exemplary application's resultant position vector canbe compared for example with the multidimensional zone defined by theabove-described exemplary user's resultant vector of <9,7,5>,corresponding to a magnitude of (9²+7²+5²)^(1/2), which equals about12.45. The resultant position vector of the exemplary application havingmagnitude of about 12.69 extends outside of the exemplary user'smultidimensional zone (“privacy comfort zone”) defined by the exemplaryuser's resultant vector having a magnitude of about 12.45.

Alternatively, referring to FIGS. 2E and 2F, select data types can beassigned locations on the data content axis 102, the access list axis104, and the allowed actions axis 106, and one or more multidimensionalcoordinates for an application, website, or webpage can be generatedbased on default, available, or fixed privacy settings of theapplication, website, or webpage. For example, if an application is onlyconfigured to share a user's email address with recipients specified bythe user and to use the user's email address for providing the user withcoupons, a multidimensional coordinate 190 within the user'sdiscontinuous privacy comfort zone 170 is determined based on therespective assigned locations of those data types on the data contentaxis 102, the access list axis 104, and the allowed actions axis 106.The multidimensional coordinate 190 is positioned between the firstconvex surface 172 and the concave surface 174 within the user's privacycomfort zone 170. If an application is configured to share a user'sphone number with anyone and use user data for deals and ads, amultidimensional coordinate 192 outside the user's discontinuous privacycomfort zone 170 is calculated based on the respective assignedlocations of those data types on the data content axis 102, the accesslist axis 104, and the allowed actions axis 106. The multidimensionalcoordinate 192 is positioned between the concave surface 174 and thesecond convex surface 176 in the void 178.

Referring to FIG. 2B, an exemplary model 100B includes exemplarymultidimensional coordinates based on exemplary privacy settings of aplurality of different applications. A first multidimensional coordinate120, which can be defined by a position vector, resides within the firstprivacy comfort zone 110 of the first user, but not within the secondprivacy comfort zone 112 of the second user. Data sharing permissions ofprivacy settings of a first application are used by the modeling engine22 to locate the first multidimensional coordinate. A secondmultidimensional coordinate 122 resides within the second privacycomfort zone 112 of the second user, but not within the first privacycomfort zone 110 of the first user. Data sharing permissions of privacysettings of a second application are used by the modeling engine 22 tolocate the second multidimensional coordinate 122. A thirdmultidimensional coordinate 124 resides within both the first privacycomfort zone 110 of the first user and the second privacy comfort zone112 of the second user. Data sharing permissions of privacy settings ofa third application are used by the modeling engine 22 to locate thethird multidimensional coordinate 124. A fourth multidimensionalcoordinate 126 resides neither within the first privacy comfort zone 110of the first user nor within the second privacy comfort zone 112 of thesecond user. Data sharing permissions of privacy settings of a fourthapplication are used by the modeling engine 22 to locate the fourthmultidimensional coordinate 126. Based on an application'svector-defined multidimensional coordinate position relative to a user'sprivacy comfort zone, the privacy manager 20 can make changes to theuser's data sharing permissions for the application via an applicationsettings API 44, for example to bring the multidimensional coordinatecorresponding to the application into the user's privacy comfort zone.Alternatively, the privacy manager 20 via the settings agent 14 canprovide a notification to the user via the user interface 56 indicatingthat the application's default, available, user-selected, or fixedprivacy settings are outside or within the user's privacy comfort zone.

Referring to FIG. 3C, a third exemplary interactive display 210 includesa notification to a particular user provided via the settings agent 14.The notification describes a comparing of a multidimensional coordinatedetermined by the modeling engine 22 based on data sharing permissionsof a particular application with the privacy comfort zone of theparticular user. The notification is generated responsive to downloadingthe particular application from an application repository 42 orattempting to install the application on the computing device 12. Thenotification indicates: “FUNMEET social media app has a privacy policythat falls outside of your privacy comfort zone. Do you still want toinstall.” An install button 212 is provided in the third exemplaryinteractive display 210 for actuation by a user to trigger installationof the “FUNMEET” social media application via the operating system 60. Acancel install button 214 is provided in the third exemplary interactivedisplay 210 for actuation by a user to cancel installation of the“FUNMEET” social media application.

Referring to FIG. 3D, a fourth exemplary interactive display 220includes a notification to a particular user provided via the settingsagent 14. The notification describes a comparing of a multidimensionalcoordinate determined by the modeling engine 22 based on data sharingpermissions of an exemplary “TALKALIZE” messaging application with theprivacy comfort zone of the particular user. The notification of thefourth exemplary interactive display 220 is generated responsive todownloading the exemplary messaging application from an applicationrepository 42 or attempting to install the application on the computingdevice 12. The notification indicates: “The default TALKALIZE messagingapp's data sharing permissions fall outside of your privacy comfortzone.” An install button 222 is provided in the fourth exemplaryinteractive display 220 for actuation by a user to trigger installationof the exemplary messaging application via the operating system 60. Acancel install button 224 is provided in the fourth exemplaryinteractive display 220 for actuation by a user to cancel installationof the exemplary messaging application. An install and auto-modifypermissions button 226 is provided in the fourth exemplary interactivedisplay 220 to install the application via the operating system 60 andthen signal the privacy manager 20 to automatically change the datasharing permissions of the messaging application from the defaultsettings (e.g., via the application settings API 44) to settingsincluding data sharing permissions within the user's privacy comfortzone.

Referring to FIG. 3E, a fifth exemplary interactive display 230 includesa notification to a particular user provided via the settings agent 14.The notification describes a comparing of a multidimensional coordinatedetermined by the modeling engine 22 based on data sharing permissionsof an exemplary “THUNDERSAIL” gaming application with the privacycomfort zone of the particular user. The notification of the fifthexemplary interactive display 230 is generated responsive to downloadingfrom an application repository 42, installing, or attempting to installthe application on the computing device 12. The notification indicates:“The default THUNDERSAIL gaming app's data sharing permissions arewithin your privacy comfort zone.” An OK button 232 is provided in thefifth exemplary interactive display 230 for actuation by a user totrigger installation of or enable use of the exemplary gamingapplication via the operating system 60. A go to app privacy settingsbutton 234 is provided in the fifth exemplary interactive display 230 tore-direct the user to a local or network-based privacy settingsinterface enabled by the exemplary gaming application to change the datasharing permissions of the gaming application from the default datasharing permissions.

Changes over time in the data sharing permissions of the privacysettings of applications, websites, and webpages are monitored by theprivacy manager 20 or settings agent 14. These changes may be the resultfor example of application updates or purposeful or inadvertent changesto the application's, website's, or webpage's data sharing permissionsmade by the user. A monitored change in the data sharing permissions ofthe privacy settings of an application, website, or webpage results inshifting of the modeled location of the multidimensional coordinateassociated with the application, website, or webpage as determined bythe settings agent 14 or the modeling engine 22. Referring to FIG. 2C,in an exemplary model 100C exemplary shifts in the determined positionsof the first and second multidimensional coordinates 120, 122 are shown.The first multidimensional coordinate 120 is determined to shiftposition as shown by the first arrow 130 based on a monitored change indata sharing permissions of privacy settings of the first application.Since the shifted position of the first multidimensional coordinate isstill within the first privacy comfort zone 110, no user notification oraction is required. The second multidimensional coordinate 122 isdetermined to shift position as shown by the second arrow 132 based on amonitored change in data sharing permissions of privacy settings of thesecond application. Since the shifted position of the secondmultidimensional coordinate 122 is not within the second privacy comfortzone 112, the settings agent 14 beneficially enables a notification tothe second user or requests action from the second user.

Referring to FIG. 3F, a sixth exemplary interactive display 240 includesa notification to a particular user provided via the settings agent 14.The notification describes a comparing of a multidimensional coordinatedetermined by the modeling engine 22 based on changed data sharingpermissions of an exemplary “GROUPSTAR” social media application withthe privacy comfort zone of the particular user. The notification isgenerated responsive to a recent change in the privacy policy of theexemplary social media application. The notification indicates: “Theinstalled GROUPSTAR social media app has changed its privacy policy soit now falls outside of your privacy comfort zone.” A continue button242 is provided in the sixth exemplary interactive display 240 foractuation by a user to acknowledge the notification. A close applicationbutton 244 is provided in the sixth exemplary interactive display 240for actuation by a user to close the “GROUPSTAR” social mediaapplication via the operating system 60, for example in response to theuser's dissatisfaction with the changed privacy policy. An uninstallapplication button 246 is provided to enable uninstalling of the“GROUPSTAR” social media application via the operating system 60, forexample in response to the user's dissatisfaction with the changedprivacy policy.

A user can receive notifications regarding whether data sharingpermissions of an application, website, or webpage fall outside theirprivacy comfort zone or the privacy comfort zones of other users.Referring to FIG. 3G, a seventh exemplary interactive display 250includes a notification to a particular user via the settings agent 14 acomputing device 12 which describes a comparing of a multidimensionalcoordinate determined based on data sharing permissions of a particularapplication with privacy comfort zones of a plurality of other users ofthe settings agent 14 on other computing devices 12. The notification ofthe seventh exemplary interactive display 250 is generated by thesettings agent 14 responsive to downloading the application from anapplication repository 42 or attempting to install the application onthe computing device 12. The notification indicates: “The privacy policyof this app falls outside the privacy comfort zone of 75% of users.Think twice before installing.” A go to app privacy settings button 252is provided in the seventh exemplary interactive display 250 tore-direct the user to a local or network-based privacy settingsinterface enabled by the application to allow the user to manuallychange the data sharing permissions of the application from the defaultsettings. An install and auto-modify permissions button 254 is providedto install the application via the operating system 60 and then signalthe privacy manager 20 to automatically change the data sharingpermissions of the application from the default settings (e.g., via theapplication settings API 44) to settings including data sharingpermissions within the user's privacy comfort zone.

An application or website developer can register an account with theprivacy manager 20 via a developer application program interface 32 andupload or provide a network link to data sharing permissions for examplein the form of application manifests, EULAs, terms of service, orprivacy settings via a developer system 16. The privacy manager 20 viathe modeling engine 22 generates a multidimensional coordinate based onthe uploaded data sharing permissions and compares the multidimensionalcoordinate with the privacy comfort zones of a plurality of users of thesettings agent 14. A notification is provided to the developer system 16based on the comparison. Referring to FIG. 3H, an eighth exemplaryinteractive display 260 includes an exemplary notification to adeveloper system 16 transmitted via the developer API 32, whichnotification describes a comparing of a multidimensional coordinatedetermined based on data sharing permissions provided by the developerwith privacy comfort zones of a plurality of users of the settings agent14 on computing devices 12. The notification is generated by the privacymanager 20 responsive to receiving uploaded data sharing permissions orreceiving a network link to data sharing permissions via the developersystem 16. The notification reads: “The policies of this app falloutside of the privacy comfort zone of 60% of users. Think aboutchanging the privacy schemes.” An OK button 262 is provided foractuation by a developer to acknowledge the notification. A seerecommendations button 264 is provided for redirecting the developer tosuggested changes to their data sharing permissions to better conformwith privacy comfort zones of more users.

Referring to FIG. 4, a flowchart shows a method 400 of controllingenabling of an application. An alternative implementation of the method400 can be used to control the enabling of access to websites andwebpages within websites. The method 400 and associated processes aredescribed with reference to the components of the system 10 shown inFIG. 1, including for example the computing device 12, theprocessor-enabled privacy manager 20, the settings agent 14, and theapplication settings API 44. Alternatively, the method 400 can beperformed via other suitable systems.

The method 400 includes receiving from a particular user an indicationof data for sharing (step 402), receiving from the particular user anindication of one or more recipients with which to share the data (step404), and receiving from the particular user one or more allowed actionsfor the data (step 406). Beneficially the processor-enabled privacymanager 20 or settings agent 14 performs the receiving steps via acomputing device 12. The indication of the one or more recipients caninclude for example one or more of an indication of network destinationsfor receiving the data, other applications for receiving the data, orother users for receiving the data. To receive the indications, theparticular user can be queried via the computing device 12, and theindication of the data for sharing, the indication of the one or morerecipients, and the one or more allowed actions for the data can bereceived via the user interface 56 of the computing device 12 responsiveto the querying.

A multidimensional zone is determined based on the indication of thedata for sharing, the indication of the one or more recipients, and theone or more allowed actions for the data (step 408). Beneficially, afirst multidimensional vector is determined based on the indication ofthe data for sharing, a second multidimensional vector is determinedbased on the indication of the one or more recipients with which toshare the data, and a third multidimensional vector is determined basedon the one or more allowed actions for the data, and determining themultidimensional zone includes determining a combined multidimensionalvector based on the first multidimensional vector, the secondmultidimensional vector, and the third multidimensional vector. Forexample, a first value can be determined on a first axis based on theindication of the data for sharing, a second value can be determined ona second axis based on the indication of the one or more recipients withwhich to share the data, and a third value can be determined on a thirdaxis based on the one or more allowed actions for the data, and themultidimensional zone can be determined by determining a combinedmultidimensional vector based on the first value on the first axis, thesecond value on the second axis, and the third value on the third axis.

Alternatively, any two of steps 402, 404, and 406 can be performed tothe exclusion of one of steps 402, 404, and 406, and themultidimensional zone can be determined based on two or more of theindication of the data for sharing, the indication of the one or morerecipients, and the one or more allowed actions for the data, forexample based on two or more of the first multidimensional vector, thesecond multidimensional vector, and the third multidimensional vector.

A request is detected from the particular user to enable a particularapplication via a computing device 12 (step 410). Such request caninclude any action to install or execute an application. The settingsagent 14 can monitor the enabling of applications via the operatingsystem 60 of the computing device 12 to detect requests. Data permissionrequirements of the particular application are accessed (step 412), anda multidimensional coordinate is determined based on the data permissionrequirements of the particular application (step 414). Alternatively, arequest to access a particular website or webpage is detected, datapermission requirements of the particular website or webpage areaccessed, and a multidimensional coordinate is determined based on thedata permission requirements of the particular website or webpage. Theaccessing of the data permission requirements of the particularapplication or particular website or webpage can include accessing oneor more of a manifest of the particular application, an end-user licenseagreement (“EULA”) of the particular application, terms of service ofthe particular website or webpage, or privacy settings of the particularapplication. Further, the accessing of the data permission requirementsof the particular application or the particular website or webpage caninclude two or more of accessing of rules indicating information to beshared, accessing rules indicating targets of the information to beshared, and accessing rules indicating allowed actions for theinformation. Further, the multidimensional coordinate can be determinedbased on two or more of the information to be shared, the targets of theinformation to be shared, and the allowed actions for the information.For example, a first position vector can be determined based on theinformation to be shared, a second position vector can be determinedbased on the targets of the information to be shared, and a thirdposition vector can be determined based on the allowed actions for theinformation. The multidimensional coordinate can be determined based ontwo or more of the first position vector, the second position vector, orthe third position vector. The accessing of the rules indicating thetargets of the information to be shared can include accessing rulesindicating one or more of network destinations for receiving theinformation, other applications for receiving the information, or otherusers for receiving the information.

The multidimensional zone is compared to the multidimensional coordinate(step 416), and the particular user is notified via the computing device12 of the comparing of the multidimensional zone to the multidimensionalcoordinate (step 418). The comparing of the multidimensional zone to themultidimensional coordinate can include determining that themultidimensional coordinate is outside of the multidimensional zone, andthe notifying of the particular user can include notifying theparticular user that the multidimensional coordinate is outside themultidimensional zone. A notification of this type is shown in the inthe third exemplary interactive display 210 of FIG. 3C.

An affirmation of the request from the particular user is received viathe computing device (step 420), and the particular application isenabled responsive to the affirmation of the request (step 422).Alternatively, access to a particular website or webpage is enabled.Enabling the particular application can include one or both of enablinginstallation of the particular application on the computing device orenabling execution or use of the particular application, whichapplication can also be web-based or include network accessible servicesor components.

An extension of the method 400 can include receiving from a plurality ofother users two or more of other indications of other data for sharing,other indications of other recipients with which to share the otherdata, or other allowed actions. Another multidimensional zone isdetermined based on two or more of the other indications of the otherdata, the other indications of the other recipients, or the otherallowed actions. The other multidimensional zone is compared to themultidimensional coordinate, and the particular user is notified via thecomputing device 12 of the comparing of the other multidimensional zoneto the multidimensional coordinate. A notification of this type is shownin the in the seventh exemplary interactive display 250 of FIG. 3G.

A further extension of the method 400 can include re-accessing the datapermission requirements of the particular application or particularwebsite or webpage, determining change in the data permissionrequirements of the particular application or particular website orwebpage, re-determining the multidimensional coordinate based on thechanged data permission requirements of the particular application orparticular website or webpage, re-comparing the multidimensional zone tothe re-determined multidimensional coordinate, and notifying theparticular user via the computing device of the re-comparing. Forexample if the particular user had been initially notified regarding themultidimensional coordinate being within the multidimensional zone, forexample as shown and described with reference to the fifth exemplaryinteractive display 230 of FIG. 3E, then after the re-comparing, theparticular user can be notified regarding the re-determinedmultidimensional coordinate being outside of the multidimensional zone,for example as shown and described with reference to the sixth exemplaryinteractive display 240 of FIG. 3F.

Referring to FIG. 5, a flowchart shows a data control method 500. Themethod 500 and associated processes are described with reference to thecomponents of the system 10 shown in FIG. 1, including for example thecomputing device 12, the processor-enabled privacy manager 20, thesettings agent 14, and the application settings API 44. Alternatively,the method 500 can be performed via other suitable systems.

The method 500 includes a process for setting data sharing permissionsfor a user for a plurality of applications or websites or webpages. Themethod 500 includes two or more of receiving from a particular user anindication of data for sharing (step 502), receiving from the particularuser an indication of one or more recipients with which to share thedata (step 504), or receiving from the particular user one or moreallowed actions for the data (step 506). Beneficially theprocessor-enabled privacy manager 20 or settings agent 14 performs thereceiving steps via a computing device 12. The indication of the datafor sharing can include for example a name of the particular user, anaddress of the particular user, a telephone number of the particularuser, an email address of the particular user, an identification numberof the particular user, an indication of photos for sharing, anindication of contacts for sharing, or an indication of the location ofa computing device 12 of the particular user for sharing. The indicationof the data for sharing can also include an indication of data not forsharing. The indication of the one or more recipients can include forexample an indication of a particular application with which to sharethe data, an indication to share the data via a network, or anindication of a network destination with which to share the data. Theone or more allowed actions for the data can include for example anindication that the data can be shared by the one or recipients withother recipients, an indication that the data can be used by the one ormore recipients in building an application or a service, an indicationthat the data can be used to enable transmission of advertisements,offers, or coupons to the particular user, and an indication that thedata can be sold by the one or more recipients.

A multidimensional zone is determined based on two or more of theindication of the data for sharing, the indication of the one or morerecipients, or the one or more allowed actions for the data (step 508).Beneficially, a first multidimensional vector is determined based on theindication of the data for sharing, a second multidimensional vector isdetermined based on the indication of the one or more recipients withwhich to share the data, and a third multidimensional vector isdetermined based on the one or more allowed actions for the data,wherein determining the multidimensional zone includes determining acombined multidimensional vector based on the first multidimensionalvector, the second multidimensional vector, and the thirdmultidimensional vector. For example, a first value can be determined ona first axis based on the indication of data for sharing, a second valuecan be determined on a second axis based on the indication of one ormore recipients with which to share the data, and a third value can bedetermined on a third axis based on the one or more allowed actions forthe data, wherein determining the multidimensional zone includesdetermining a combined multidimensional vector based on the first valueon the first axis, the second value on the second axis, and the thirdvalue on the third axis.

A plurality of application program interfaces (APIs) for a plurality ofapplications are accessed via a network (step 510). Alternatively oradditionally a plurality of application program interfaces (APIs) for aplurality of websites including a plurality of webpages are accessed viathe network. Further, a manifest, an end-user license agreement(“EULA”), terms of service, or privacy settings can be accessed via anAPI of each of the plurality of applications or websites or via othernetwork location, and the data sharing permissions can be set for theparticular user further based on one or more of the manifest, the EULA,the terms of service, or the privacy settings of each of the pluralityof applications or websites.

Data sharing permissions for the particular user for each of theplurality of applications, or alternatively each of the plurality ofwebsites, are set based on the multidimensional zone of the particularuser via the plurality of APIs (step 512). The setting of the datasharing permissions can include for example selecting predefinedpermissions via the plurality of APIs. Further, the setting of the datasharing permissions beneficially includes two or more of setting rulesindicating information to be shared, setting rules indicating targets ofthe information to be shared, or setting rules indicating allowedactions for the data, wherein the setting of the rules includesestablishing a multidimensional coordinate based on two or more of theinformation to be shared, the targets of the information to be shared,or the allowed actions for the data to be within the multidimensionalzone. For example, a first position vector can be determined based onthe information to be shared, a second position vector can be determinedbased on the targets of the information to be shared, and a thirdposition vector can be determined based on the allowed actions for theinformation, wherein setting the rules includes establishing amultidimensional coordinate to be within the multidimensional zone basedon the first position vector, the second position vector, and the thirdposition vector. Alternatively, only two of the vectors can be used inestablishing the multidimensional coordinate and setting the rules.

An extension of the method 500 can include determining a modification bythe particular user of the data sharing permissions for a particular oneof the plurality of applications or websites or webpages, andre-determining the multidimensional zone based on the modification ofthe data sharing permissions, and re-setting the data sharingpermissions for the particular user for one or more others of theplurality of applications or websites or webpages based on there-determined multidimensional zone via one or more of the plurality ofAPIs. For example, a user's modification to data sharing permissions forthe Facebook™ social media application can be detected by the privacymanager 20 which can re-determine the user's multidimensional zone andre-set the user's data sharing permissions for the Twitter™ social mediaapplication via a Twitter™ settings API.

A further extension of the method 500 can include receiving identifyinginformation of the particular user and receiving identifying informationof a plurality of other users. The identifying information of theparticular user and the identifying information of the plurality ofother users are compared. A plurality of indications of information forsharing are received from the other users, a plurality of indications ofrecipients with which to share the information are received from theother users, and a plurality of allowed actions for the information arereceived from the other users. The multidimensional zone is determinedfurther based on the plurality of indications of information for sharingfrom the other users, the plurality of indications of recipients withwhich to share the information from the other users, the plurality ofallowed actions for the information from the other users, and thecomparing of the identifying information of the particular user and theidentifying information of the plurality of other users. In such amanner the multidimensional zone for a particular user can be based onthe privacy preferences of other users having similar identifyinginformation (e.g., age, income, profession, residence location, worklocation, family status).

Referring to FIG. 6, a flowchart shows an application execution controlmethod 600. The method 600 and associated processes are described withreference to the components of the system 10 shown in FIG. 1, includingfor example the computing device 12, the processor-enabled privacymanager 20, and the settings agent 14. Alternatively, the method 600 canbe performed via other suitable systems. Further, in an alternativeimplementation of the method 600, access to websites or webpages can becontrolled.

The method 600 includes at least two of: receiving from a user anindication of data for sharing (step 602), receiving from the user anindication of one or more recipients with which to share the data (step604), or receiving from the user one or more allowed actions for thedata (step 606). A multidimensional zone is determined based on at leasttwo of: the indication of the data for sharing, the indication of theone or more recipients, or the one or more allowed actions (step 608).An accessing of a particular application by the user is detected via acomputing device (step 610). The detecting of the accessing of theparticular application can include detecting executing of theapplication on the computing device, detecting a request to install theapplication on the computing device, or detecting processes of theapplication between the computing device and a network-accessibleserver. Alternatively, an accessing of a particular website or webpagecan be detected.

At least two of: rules for the particular application, website, orwebpage indicating information to be shared (step 612), rules for theparticular application, website, or webpage indicating targets of theinformation to be shared (step 614), or rules for the particularapplication, website, or webpage indicating allowed actions for theinformation (step 616) are accessed. The indication of the one or morerecipients can include for example network destinations for receivingthe data, other applications for receiving the data, or other users forreceiving the data. A multidimensional coordinate is determined based onat least two of: the information to be shared, the targets of theinformation to be shared, or the allowed actions for the information(step 618). The multidimensional zone is compared to themultidimensional coordinate (step 620), a user is notified based on theposition of the multidimensional coordinate relative to themultidimensional zone (step 622), and a request is received from theuser to disable the particular application (step 624). Alternatively, arequest is received from the user to block or discontinue access to ornavigate away from a website, webpage or associated resources. Thenotification can include for example the notification provided in thesixth exemplary interactive display 240 via the settings agent 14. Therequest to disable the application can be received for example via aclose application button 244 or an uninstall application button 246enabled in the user interface 56 via the settings agent 14. The settingsagent 14 can initiate a disabling of the application (step 626)responsive to the request of step 624, for example to close theparticular application or uninstall the particular application via theoperating system 60. Alternatively, the settings agent 14 can initiate ablock of a particular website, webpage or associated resources via abrowser 50.

FIG. 7 illustrates in abstract the function of an exemplary computersystem 1000 on which the systems, methods and processes described hereincan execute. For example, the computing device 12, developer system 16,privacy manager 20, application server 40, and application settings API44 can each be embodied by a particular computer system 1000. Thecomputer system 1000 may be provided in the form of a personal computer,laptop, handheld mobile communication device, mainframe, distributedcomputing system, or other suitable configuration. Illustrative subjectmatter is in some instances described herein as computer-executableinstructions, for example in the form of program modules, which programmodules can include programs, routines, objects, data structures,components, or architecture configured to perform particular tasks orimplement particular abstract data types. The computer-executableinstructions are represented for example by instructions 1024 executableby the computer system 1000.

The computer system 1000 can operate as a standalone device or can beconnected (e.g., networked) to other machines. In a networkeddeployment, the computer system 1000 may operate in the capacity of aserver or a client machine in server-client network environment, or as apeer machine in a peer-to-peer (or distributed) network environment. Thecomputer system 1000 can also be considered to include a collection ofmachines that individually or jointly execute a set (or multiple sets)of instructions to perform one or more of the methodologies describedherein.

It would be understood by those skilled in the art that other computersystems including but not limited to networkable personal computers,minicomputers, mainframe computers, handheld mobile communicationdevices, multiprocessor systems, microprocessor-based or programmableelectronics, and smart phones could be used to enable the systems,methods and processes described herein. Such computer systems canmoreover be configured as distributed computer environments whereprogram modules are enabled and tasks are performed by processingdevices linked through a communications network, and in which programmodules can be located in both local and remote memory storage devices.

The exemplary computer system 1000 includes a processor 1002, forexample a central processing unit (CPU) or a graphics processing unit(GPU), a main memory 1004, and a static memory 1006 in communication viaa bus 1008. A visual display 1010 for example a liquid crystal display(LCD), light emitting diode (LED) display or a cathode ray tube (CRT) isprovided for displaying data to a user of the computer system 1000. Thevisual display 1010 can be enabled to receive data input from a user forexample via a resistive or capacitive touch screen. A character inputapparatus 1012 can be provided for example in the form of a physicalkeyboard, or alternatively, a program module which enables auser-interactive simulated keyboard on the visual display 1010 andactuatable for example using a resistive or capacitive touchscreen. Anaudio input apparatus 1013, for example a microphone, enables audiblelanguage input which can be converted to textual input by the processor1002 via the instructions 1024. A pointing/selecting apparatus 1014 canbe provided, for example in the form of a computer mouse or enabled viaa resistive or capacitive touch screen in the visual display 1010. Adata drive 1016, a signal generator 1018 such as an audio speaker, and anetwork interface 1020 can also be provided. A location determiningsystem 1017 is also provided which can include for example a GPSreceiver and supporting hardware.

The instructions 1024 and data structures embodying or used by theherein-described systems, methods, and processes, for example softwareinstructions, are stored on a computer-readable medium 1022 and areaccessible via the data drive 1016. Further, the instructions 1024 cancompletely or partially reside for a particular time period in the mainmemory 1004 or within the processor 1002 when the instructions 1024 areexecuted. The main memory 1004 and the processor 1002 are also as suchconsidered computer-readable media.

While the computer-readable medium 1022 is shown as a single medium, thecomputer-readable medium 1022 can be considered to include a singlemedium or multiple media, for example in a centralized or distributeddatabase, or associated caches and servers, that store the instructions1024. The computer-readable medium 1022 can be considered to include anytangible medium that can store, encode, or carry instructions forexecution by a machine and that cause the machine to perform any one ormore of the methodologies described herein, or that can store, encode,or carry data structures used by or associated with such instructions.Further, the term “computer-readable storage medium” can be consideredto include, but is not limited to, solid-state memories and optical andmagnetic media that can store information in a non-transitory manner.Computer-readable media can for example include non-volatile memory suchas semiconductor memory devices (e.g., magnetic disks such as internalhard disks and removable disks, magneto-optical disks, CD-ROM andDVD-ROM disks, Erasable Programmable Read-Only Memory (EPROM),Electrically Erasable Programmable Read-Only Memory (EEPROM), and flashmemory devices).

The instructions 1024 can be transmitted or received over acommunications network, for example the communications network 8, usinga signal transmission medium via the network interface 1020 operatingunder one or more known transfer protocols, for example FTP, HTTP, orHTTPs. Examples of communication networks include a local area network(LAN), a wide area network (WAN), the Internet, mobile telephonenetworks, Plain Old Telephone (POTS) networks, and wireless datanetworks, for example WiFi™ and 3G/4G/5G cellular networks. The term“computer-readable signal medium” can be considered to include anytransitory intangible medium that is capable of storing, encoding, orcarrying instructions for execution by a machine, and includes digitalor analog communications signals or other intangible medium tofacilitate communication of such instructions.

Although features and elements are described above in particularcombinations, one of ordinary skill in the art will appreciate that eachfeature or element can be used alone or in any combination with theother features and elements. Methods described herein may be implementedin a computer program, software, or firmware incorporated in acomputer-readable medium for execution by a computer or processor. Whileembodiments have been described in detail above, these embodiments arenon-limiting and should be considered as merely exemplary. Modificationsand extensions may be developed, and all such modifications are deemedto be within the scope defined by the appended claims.

What is claimed is:
 1. A data control method comprising: receiving froma particular user an indication of data for sharing; receiving from theparticular user an indication of at least one recipient with which toshare the data; determining a multidimensional zone based on theindication of the data for sharing and the indication of the at leastone recipient. accessing via a network a plurality of applicationprogram interfaces (APIs) for a plurality of applications; and settingdata sharing permissions for the particular user for each of theplurality of applications based on the multidimensional zone via theplurality of APIs.
 2. The method of claim 1, the setting of the datasharing permissions comprising selecting predefined permissions via theplurality of APIs.
 3. The method of claim 1, further comprising:determining a modification by the particular user of the data sharingpermissions for a particular one of the plurality of applications;re-determining the multidimensional zone based on the modification ofthe data sharing permissions; and re-setting the data sharingpermissions for the particular user for at least one other of theplurality of applications based on the re-determined multidimensionalzone via at least one of the plurality of APIs.
 4. The method of claim1, the receiving from the particular user of the indication of the datafor sharing comprising receiving at least one of an indication of photosfor sharing or an indication of contacts for sharing.
 5. The method ofclaim 1, the receiving from the particular user of the indication of thedata for sharing comprising receiving an indication of location of acomputing device of the particular user.
 6. The method of claim 1, thereceiving from the particular user the indication of the at least onerecipient with which to share the data comprising receiving anindication of at least one of a particular application with which toshare the data or an indication of a network destination with which toshare the data.
 7. The method of claim 1, the receiving from theparticular user of the indication of the data for sharing comprisingreceiving an indication of data not for sharing, the data not forsharing comprising at least one of a name of the particular user, anaddress of the particular user, a telephone number of the particularuser, an email address of the particular user, photos, or anidentification number of the particular user.
 8. The method of claim 1,the receiving from the particular user an indication of at least onerecipient with which to share the data comprising receiving from theparticular user an indication to share the data via the network.
 9. Themethod of claim 1, further comprising: determining a firstmultidimensional vector based on the indication of data for sharing; anddetermining a second multidimensional vector based on the indication ofat least one recipient with which to share the data; wherein determiningthe multidimensional zone comprises determining a combinedmultidimensional vector based on the first multidimensional vector andthe second multidimensional vector.
 10. The method of claim 1, whereinthe setting of the data sharing permissions for the particular user foreach of the plurality of applications comprises: setting rulesindicating information to be shared; and setting rules indicatingtargets of the information to be shared; wherein the setting of therules indicating the information to be shared and the setting of therules indicating the targets of the information to be shared comprisesestablishing a multidimensional coordinate based on the information tobe shared and the targets of the information to be shared to be withinthe multidimensional zone.
 11. The method of claim 1, wherein thesetting of the data sharing permissions for the particular user for eachof the plurality of applications comprises: setting rules indicatinginformation to be shared; setting rules indicating targets of theinformation to be shared; determining a first position vector based onthe information to be shared; and determining a second position vectorbased on the targets of the information to be shared; wherein thesetting of the rules indicating the information to be shared and thesetting of the rules indicating the targets of the information to beshared comprises establishing a multidimensional coordinate based on thefirst position vector and the second position vector.
 12. The method ofclaim 1, further comprising: receiving from the particular user at leastone allowed action for the data; and determining the multidimensionalzone further based on the at least one allowed action for the data. 13.The method of claim 12, the receiving from the particular user the atleast one allowed action for the data comprising receiving an indicationthat the data can be shared by the at least one recipient with otherrecipients.
 14. The method of claim 12, the receiving from theparticular user the at least one allowed action for the data comprisingreceiving an indication that the data can be used by the at least onerecipient in building at least one of an application or a service. 15.The method of claim 12, the receiving from the particular user the atleast one allowed action for the data comprising receiving an indicationthat the data can be used to enable transmission of at least one ofadvertisements, offers, or coupons to the particular user.
 16. Themethod of claim 12, the receiving from the particular user the at leastone allowed action for the data comprising receiving an indication thatthe data can be sold.
 17. The method of claim 12, the receiving from theparticular user the at least one allowed action for the data comprisingreceiving an indication that the data can be sold by the at least onerecipient.
 18. The method of claim 12, the determining themultidimensional zone comprising determining a combined multidimensionalvector based on the indication of the data for sharing, the indicationof the at least one recipient, and the at least one allowed action forthe data.
 19. The method of claim 12, further comprising: determining afirst value on a first axis based on the indication of data for sharing;determining a second value on a second axis based on the indication ofat least one recipient with which to share the data; and determining athird value on a third axis based on the at least one allowed action forthe data; wherein determining the multidimensional zone comprisesdetermining a combined multidimensional vector based on the first valueon the first axis, the second value on the second axis, and the thirdvalue on the third axis.
 20. The method of claim 12, further comprising:determining a first multidimensional vector based on the indication ofdata for sharing; determining a second multidimensional vector based onthe indication of at least one recipient with which to share the data;and determining a third multidimensional vector based on the at leastone allowed action for the data; wherein determining themultidimensional zone comprises determining a combined multidimensionalvector based on the first multidimensional vector, the secondmultidimensional vector, and the third multidimensional vector.
 21. Themethod of claim 12, further comprising: receiving identifyinginformation of the particular user; receiving identifying information ofa plurality of other users; comparing the identifying information of theparticular user and the identifying information of the plurality ofother users; receiving from the other users a plurality of indicationsof information for sharing; receiving from the other users a pluralityof indications of recipients with which to share the information;receiving from the other users a plurality of allowed actions for theinformation; and determining the multidimensional zone further based onthe plurality of indications of information for sharing, the pluralityof indications of recipients with which to share the information, theplurality of allowed actions for the information, and the comparing ofthe identifying information of the particular user and the identifyinginformation of the plurality of other users.
 22. The method of claim 12,further comprising: accessing for each of the plurality of applicationsat least one of a manifest, an end-user license agreement (“EULA”), orprivacy settings; and setting the data sharing permissions for theparticular user further based on the at least one of the manifest, theEULA, or the privacy settings of each of the plurality of applications.23. The method of claim 12, wherein the setting of the data sharingpermissions for the particular user for each of the plurality ofapplications comprises: setting rules indicating information to beshared; setting rules indicating targets of the information to beshared; and setting rules indicating allowed actions for theinformation; wherein the setting of the rules indicating the informationto be shared, the setting of the rules indicating the targets of theinformation to be shared, and the setting of the rules indicating theallowed actions for the information comprises establishing amultidimensional coordinate based on the information to be shared, thetargets of the information to be shared, and the allowed actions for theinformation to be within the multidimensional zone.
 24. The method ofclaim 12, wherein the setting of the data sharing permissions for theparticular user for each of the plurality of applications comprises:setting rules indicating information to be shared; setting rulesindicating targets of the information to be shared; setting rulesindicating allowed actions for the information; determining a firstposition vector based on the information to be shared; determining asecond position vector based on the targets of the information to beshared; and determining a third position vector based on the allowedactions for the information; wherein the setting of the rules indicatingthe information to be shared, the setting of the rules indicating thetargets of the information to be shared, and the setting of the rulesindicating the allowed actions for the information comprisesestablishing a multidimensional coordinate based on the first positionvector, the second position vector, and the third position vector to bewithin the multidimensional zone.
 25. A data control method comprising:receiving from a user an indication of data for sharing; receiving fromthe user at least one allowed action for the data; determining amultidimensional zone based on the indication of the data and the atleast one allowed action for the data. accessing via a network aplurality of application program interfaces (APIs) for at least one of aplurality of applications or a plurality of websites comprising aplurality of webpages; and setting data sharing permissions for the userfor each of the at least one of the plurality of applications or theplurality of webpages based on the multidimensional zone via theplurality of APIs.
 26. A data control method comprising: receiving froma particular user an indication of data for sharing; receiving from theparticular user an indication of at least one recipient with which toshare the data; determining a multidimensional zone based on theindication of the data for sharing and the indication of the at leastone recipient. accessing via a network a plurality of applicationprogram interfaces (APIs) for a plurality of websites comprising aplurality of webpages; and setting data sharing permissions for theparticular user for each of the plurality of websites based on themultidimensional zone via the plurality of APIs.